Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/H42ms0xc7Pbh5zYFNGm4Q4XDWsM.roa
File: H42ms0xc7Pbh5zYFNGm4Q4XDWsM.roa (raw, json)
Hash identifier: nKqdvpL75H++UDJsIAKjwE7Ym70Aj45FqeyXF+0X//M=
Subject key identifier: 1F:8D:A6:B3:4C:5C:EC:F6:E1:E7:36:05:34:69:B8:43:85:C3:5A:C3
Certificate issuer: /CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
Certificate serial: 018AB786280167D7BB49423C4673B429FE75
Authority key identifier: 3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/H42ms0xc7Pbh5zYFNGm4Q4XDWsM.roa
Signing time: Thu 21 Sep 2023 11:35:37 +0000
ROA not before: Thu 21 Sep 2023 11:35:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205049
IP address blocks: 185.230.43.0/24 maxlen: 24
185.230.40.0/24 maxlen: 24
185.230.40.0/22 maxlen: 22
185.230.41.0/24 maxlen: 24
185.230.42.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Oct 2023 13:12:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:86:28:01:67:d7:bb:49:42:3c:46:73:b4:29:fe:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e332dd2994c6ee89436158a2eac1f482922cd2a
Validity
Not Before: Sep 21 11:35:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f8da6b34c5cecf6e1e736053469b84385c35ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:4a:75:ca:55:fe:fe:54:7f:ca:81:f6:20:b3:
cb:7d:13:e6:9d:9c:93:62:43:83:f5:c7:b2:5f:b8:
50:c7:98:29:dd:f0:f4:46:cb:85:a0:a3:d3:64:68:
ec:2a:84:52:d3:43:b0:e4:f7:36:60:a7:12:ba:77:
ed:d4:fd:97:1f:c3:8e:12:d1:de:b0:04:fe:56:49:
cb:66:3e:34:3c:93:49:a2:7c:6c:49:c2:f3:36:b9:
01:b1:0a:06:38:84:ea:6a:56:9b:68:5d:40:6f:da:
58:83:5d:b9:82:b7:fe:2e:be:2f:e0:0e:40:d1:64:
1c:29:e8:51:26:c6:b6:1d:55:48:58:de:2f:e0:79:
6e:53:a0:49:11:df:ba:62:26:53:38:5e:24:d2:53:
dd:67:0e:ef:40:bc:43:1a:d6:fe:cf:4d:24:5f:30:
1f:3d:f8:98:5c:b2:f8:7a:29:b6:5a:1e:0d:ec:c8:
85:cf:73:b5:33:18:5f:67:a3:a2:e6:90:ce:8c:b5:
4e:66:50:a5:18:11:06:e5:75:b9:84:ce:88:72:09:
e9:2d:e2:01:36:cc:91:15:58:46:45:a8:31:d5:5f:
b0:7b:25:cc:18:5a:25:c3:76:24:fa:dd:5c:fd:8b:
e6:7d:56:b5:61:72:e9:8a:f4:66:16:e4:ad:56:c9:
62:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8D:A6:B3:4C:5C:EC:F6:E1:E7:36:05:34:69:B8:43:85:C3:5A:C3
X509v3 Authority Key Identifier:
keyid:3E:33:2D:D2:99:4C:6E:E8:94:36:15:8A:2E:AC:1F:48:29:22:CD:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PjMt0plMbuiUNhWKLqwfSCkizSo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/H42ms0xc7Pbh5zYFNGm4Q4XDWsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/608e21-6a40-4711-9c83-d024ad4b7beb/1/PjMt0plMbuiUNhWKLqwfSCkizSo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.40.0/22
Signature Algorithm: sha256WithRSAEncryption
70:d9:8e:64:7b:4f:53:c1:46:17:30:e6:82:a3:7d:c0:49:32:
df:c8:4a:34:64:66:42:37:a2:30:e2:09:4e:95:39:7c:59:39:
9f:63:d7:01:4f:52:71:a9:9d:97:88:c2:32:14:95:e2:56:8b:
c5:13:3f:44:1c:cd:c3:e7:56:48:fc:76:68:83:f1:5f:75:f1:
0f:3b:c0:60:e0:f0:ac:cd:b1:30:11:34:8b:52:64:c2:bf:1c:
79:ba:82:76:68:91:97:4e:6d:af:a0:a7:b1:a5:d3:7b:61:90:
ed:81:59:c7:8d:a0:c3:a1:da:26:7b:93:77:54:d7:4d:e2:48:
46:2e:9d:d6:b7:37:ff:9c:ad:8e:d7:22:04:29:9e:b4:ad:f0:
34:5d:34:23:ea:93:e5:d3:34:a3:e1:aa:65:36:ad:56:39:fc:
54:4a:35:bc:e3:10:50:8f:af:f4:8c:91:4e:bc:ee:ed:3f:5e:
1a:0c:39:de:5d:24:65:df:b8:f7:b9:3d:2f:ea:07:ff:b7:6a:
d9:28:43:47:00:99:4c:90:aa:e9:64:d3:3d:bf:9c:e3:44:6a:
b3:6a:1a:cd:1a:86:df:dd:92:6a:60:6d:fd:09:78:65:4a:26:
0b:6c:b7:f4:c2:4f:9c:38:7c:5d:2f:b9:ee:e5:b1:76:8c:5a:
37:2e:de:1e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYq3higBZ9e7SUI8RnO0Kf51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMzMyZGQyOTk0YzZlZTg5NDM2MTU4YTJlYWMxZjQ4Mjky
MmNkMmEwHhcNMjMwOTIxMTEzNTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjhkYTZiMzRjNWNlY2Y2ZTFlNzM2MDUzNDY5Yjg0Mzg1YzM1YWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikp1ylX+/lR/yoH2ILPLfRPmnZyT
YkOD9ceyX7hQx5gp3fD0RsuFoKPTZGjsKoRS00Ow5Pc2YKcSunft1P2XH8OOEtHe
sAT+VknLZj40PJNJonxsScLzNrkBsQoGOITqalabaF1Ab9pYg125grf+Lr4v4A5A
0WQcKehRJsa2HVVIWN4v4HluU6BJEd+6YiZTOF4k0lPdZw7vQLxDGtb+z00kXzAf
PfiYXLL4eim2Wh4N7MiFz3O1MxhfZ6Oi5pDOjLVOZlClGBEG5XW5hM6IcgnpLeIB
NsyRFVhGRagx1V+weyXMGFolw3Yk+t1c/YvmfVa1YXLpivRmFuStVsliVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB+NprNMXOz24ec2BTRpuEOFw1rDMB8GA1UdIwQY
MBaAFD4zLdKZTG7olDYVii6sH0gpIs0qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMt
ZDAyNGFkNGI3YmViLzEvSDQybXMweGM3UGJoNXpZRk5HbTRRNFhEV3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC82MDhlMjEtNmE0MC00NzExLTljODMtZDAyNGFkNGI3YmVi
LzEvUGpNdDBwbE1idWlVTmhXS0xxd2ZTQ2tpelNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCueYoMA0G
CSqGSIb3DQEBCwUAA4IBAQBw2Y5ke09TwUYXMOaCo33ASTLfyEo0ZGZCN6Iw4glO
lTl8WTmfY9cBT1JxqZ2XiMIyFJXiVovFEz9EHM3D51ZI/HZog/FfdfEPO8Bg4PCs
zbEwETSLUmTCvxx5uoJ2aJGXTm2voKexpdN7YZDtgVnHjaDDodome5N3VNdN4khG
Lp3Wtzf/nK2O1yIEKZ60rfA0XTQj6pPl0zSj4aplNq1WOfxUSjW84xBQj6/0jJFO
vO7tP14aDDneXSRl37j3uT0v6gf/t2rZKENHAJlMkKrpZNM9v5zjRGqzahrNGobf
3ZJqYG39CXhlSiYLbLf0wk+cOHxdL7nu5bF2jFo3Lt4e
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:55 2024 by rpki-client on console-ams.rpki-client.org